package cn.tedu.erp.project.controller;

import cn.tedu.erp.project.pojo.dto.AdminAddNewDTO;
import cn.tedu.erp.project.pojo.dto.AdminLoginDTO;
import cn.tedu.erp.project.pojo.dto.AdminUpdateDTO;
import cn.tedu.erp.project.pojo.vo.AdminListVO;
import cn.tedu.erp.project.pojo.vo.AdminStandardVO;
import cn.tedu.erp.project.security.LoginPrincipal;
import cn.tedu.erp.project.service.IAdminService;
import cn.tedu.erp.project.web.JsonResult;
import com.github.xiaoymin.knife4j.annotations.ApiOperationSupport;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.hibernate.validator.constraints.Range;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.web.bind.annotation.*;
import springfox.documentation.annotations.ApiIgnore;

import javax.validation.Valid;
import java.util.List;

@Slf4j
@RestController
@RequestMapping("/admins")
@Api(tags = "02.用户管理模块")
public class AdminController {

    public AdminController() {
        log.debug("创建控制器对象:AdminController");
    }

    @Autowired
    IAdminService service;

    //http://localhost:9090/admins/login
    @PostMapping("/login")
    @ApiOperation("用户登录")
    @ApiOperationSupport(order = 10)
    public JsonResult<String> login(AdminLoginDTO adminLoginDTO) {
        log.debug("开始处理[用户登录]的请求,请求参数:{}", adminLoginDTO);
        //获取jwt
        String jwt = service.login(adminLoginDTO);
        //将jwt响应给客户端
        return JsonResult.ok(jwt);
    }

    //http://localhost:9090/admins/add-new
    @PostMapping("/add-new")
    @ApiOperation("添加用户")
    @ApiOperationSupport(order = 100)
    @PreAuthorize("hasAuthority('/erp_pwdb/admin/add-new')")//检查用户是否有权限
    public JsonResult<Void> addNew(AdminAddNewDTO adminAddNewDTO) {
        log.debug("开始处理[添加用户]的请求,请求参数:{}", adminAddNewDTO);
        service.addNew(adminAddNewDTO);
        return JsonResult.ok();
    }

    //http://localhost:9090/admins/0-9/delete
    @PostMapping("/{id:[0-9]+}/delete")
    @ApiOperation("删除用户")
    @PreAuthorize("hasAuthority('/erp_pwdb/admin/delete')")//检查用户是否有权限
    @ApiOperationSupport(order = 200)
    @ApiImplicitParams(
            @ApiImplicitParam(name = "id", value = "用户ID", required = true, dataType = "long")
    )
    public JsonResult<Void> delete(@PathVariable @Range(min = 2, message = "请提交有效的ID值!") Long id) {
        log.debug("开始处理[删除用户]的请求,请求参数:{}", id);
        service.deleteById(id);
        return JsonResult.ok();
    }

    // http://localhost:9090/admins/9527/update
    @PostMapping("/{id:[0-9]+}/update")
    @ApiOperation("修改用户详情")
    @PreAuthorize("hasAuthority('/erp_pwdb/admin/update')")//检查用户是否有权限
    @ApiOperationSupport(order = 300)
    @ApiImplicitParams({
            @ApiImplicitParam(name = "id", value = "用户ID", required = true, dataType = "long")
    })
    public JsonResult<Void> updateInfoById(@PathVariable @Range(min = 2, message = "请提交有效的ID值！") Long id,
                                           @Valid AdminUpdateDTO adminUpdateDTO) {
        log.debug("开始处理【修改用户详情】的请求，ID：{},新数据：{}", id, adminUpdateDTO);
        service.updateById(id, adminUpdateDTO);
        return JsonResult.ok();
    }

    //http://localhost:9080/admins/952xxx7/enable
    @ApiOperation("启用用户")
    @ApiOperationSupport(order = 310)
    @PostMapping("/{id:[0-9]+}/enable")
    @PreAuthorize("hasAuthority('/erp_pwdb/admin/update')")//检查用户是否有权限
    @ApiImplicitParams({
            @ApiImplicitParam(name = "id", value = "用户ID", required = true, dataType = "long")
    })
    public JsonResult<Void> setEnable(@PathVariable @Range(min = 2, message = "请提交有效的ID值!") Long id) {
        log.debug("开始处理[启用用户]的请求,参数为{}", id);
        service.setEnable(id);
        return JsonResult.ok();
    }

    //http://localhost:9080/admins/952xxx7/disenable
    @ApiOperation("禁用用户")
    @ApiOperationSupport(order = 320)
    @PreAuthorize("hasAuthority('/erp_pwdb/admin/update')")//检查用户是否有权限
    @PostMapping("/{id:[0-9]+}/disable")
    @ApiImplicitParams({
            @ApiImplicitParam(name = "id", value = "用户ID", required = true, dataType = "long")
    })
    public JsonResult<Void> setDisable(@PathVariable @Range(min = 2, message = "请提交有效的ID值!") Long id) {
        log.debug("开始处理[禁用用户]的请求,参数为{}", id);
        service.setDisable(id);
        return JsonResult.ok();
    }

    //http://localhost:9080/admins/952xxx7/nomanager
    @ApiOperation("禁用用户经理")
    @ApiOperationSupport(order = 330)
    @PreAuthorize("hasAuthority('/erp_pwdb/admin/update')")//检查用户是否有权限
    @PostMapping("/{id:[0-9]+}/nomanager")
    @ApiImplicitParams({
            @ApiImplicitParam(name = "id", value = "用户ID", required = true, dataType = "long")
    })
    public JsonResult<Void> setNoManager(@PathVariable @Range(min = 2, message = "请提交有效的ID值!") Long id) {
        log.debug("开始处理[启用用户经理]的请求,参数为{}", id);
        service.setNoManager(id);
        return JsonResult.ok();
    }

    //http://localhost:9090/admins/52xxx7/manager
    @ApiOperation("启用用户经理")
    @ApiOperationSupport(order = 340)
    @PreAuthorize("hasAuthority('/erp_pwdb/admin/update')")//检查用户是否有权限
    @PostMapping("/{id:[0-9]+}/manager")
    public JsonResult<Void> setManager(@PathVariable @Range(min = 2, message = "请提交有效的ID值!") Long id) {
        log.debug("开始处理[禁用用户经理]的请求,参数为{}", id);
        service.setManager(id);
        return JsonResult.ok();
    }


    //http://localhost:9090/admins
    @GetMapping("")
    @ApiOperation("查询用户列表")
    @PreAuthorize("hasAuthority('/erp_pwdb/admin/read')")//检查用户是否有权限
    @ApiOperationSupport(order = 400)
    //@Apignore 注解为了防止api误以为userdetails是客户端提交的,实际是security框架提交的
    //@AuthenticationPrincipal注解是登陆成功后获取当事人信息的
    public JsonResult<List<AdminListVO>> list(
            @ApiIgnore @AuthenticationPrincipal LoginPrincipal adminDetails) {
        log.debug("开始处理[查询用户详情]的请求,无参数");
        log.debug("当事人信息:{}", adminDetails);
        log.debug("当事人用户名:{}", adminDetails.getUsername());
        log.debug("当事人ID:{}", adminDetails.getId());
        List<AdminListVO> list = service.list();
        return JsonResult.ok(list);
    }

    //http://localhost:9090/admins/listbynickname
    @ApiOperation("根据昵称查询用户详情")
    @ApiOperationSupport(order = 410)
    @GetMapping("/{nickname}")
    @PreAuthorize("hasAuthority('/erp_pwdb/admin/read')")//检查用户是否有权限
    public JsonResult<AdminStandardVO> listByNickname(@PathVariable("nickname") String nickname) {
        log.debug("开始处理查询用户详情的请求,参数为nickname={}", nickname);
        AdminStandardVO adminStandardVO = service.getByNickname(nickname);
        log.debug("查询到的结果为,{}", adminStandardVO);
        return JsonResult.ok(adminStandardVO);
    }
}
